URL: http://gordian-capital.com/
Submission: On December 14 via manual from JP

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 28 HTTP transactions. The main IP is 101.100.210.150, which is located in Singapore and belongs to VODIEN-AS-AP-LOC2 Vodien Internet Solutions Pte Ltd, SG. The main domain is gordian-capital.com.
This is the only time gordian-capital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
2         101.100.210.150   58621 (VODIEN-AS...)
2         2a00:1450:400...  15169 (GOOGLE)
11        2620:100:6022...  19679 (DROPBOX)
5         91.134.128.173    16276 (OVH)
1         80.241.212.33     51167 (CONTABO t...)
4         2a00:1450:400...  15169 (GOOGLE)
2 2       46.229.166.177    39572 (ADVANCEDH...)
3         213.174.135.1     39572 (ADVANCEDH...)
Total: 28 requests, 7 IPs
Requests  Domain                      Requested by
11        dl.dropboxusercontent.com   gordian-capital.com
5         i.hizliresim.com            gordian-capital.com
4         fonts.gstatic.com           gordian-capital.com, dl.dropboxusercontent.com
2         fonts.googleapis.com        gordian-capital.com
2         gordian-capital.com         dl.dropboxusercontent.com
1         s19.postimg.org             gordian-capital.com
1         s21.postimg.org             gordian-capital.com
1         s21.postimg.io              1 redirects
1         s11.postimg.org             gordian-capital.com
1         s11.postimg.io              1 redirects
1         yourjavascript.com          gordian-capital.com
Total: 28 requests, 11 subdomains

This site contains no links.

Subject                       Issuer                                   Validity                  Valid
*.dl.dropboxusercontent.com   DigiCert SHA2 High Assurance Server CA   2017-03-06 - 2020-03-10   3 years
hizliresim.com                Let's Encrypt Authority X3               2017-09-22 - 2017-12-21   3 months
postimg.org                   Let's Encrypt Authority X3               2017-11-03 - 2018-02-01   3 months

This page contains 1 frame:

Primary Page: http://gordian-capital.com/
Frame ID: (C634F446D332A62D7B84C902EDE375EE)
Requests: 28 HTTP requests in this frame

Detected technologies

YouTube (overall confidence: 100%)
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (overall confidence: 100%)
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Font API (overall confidence: 100%)
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery.*\.js/i

Bootstrap (overall confidence: 100%)
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

Requests: 28
HTTPS: 68 %
IPv6: 38 %
Domains: 8
Subdomains: 11
IPs: 7
Countries: 5
Transfer: 2839 kB
Size: 3201 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://s11.postimg.io/otyobwrr7/gorev_1.jpg HTTP 301
  • https://s11.postimg.org/otyobwrr7/gorev_1.jpg
Request Chain 21
  • https://s21.postimg.io/3pe10rkpz/kafkas_calisma_2.jpg HTTP 301
  • https://s21.postimg.org/3pe10rkpz/kafkas_calisma_2.jpg

28 HTTP transactions

Each transaction is headed by a row of the form: Resource | Path | Size | x-fer | Type (MIME-Type)
/ (Primary Request) | gordian-capital.com/ | 17 KB | 0 | Document
General
Full URL
http://gordian-capital.com/
Protocol
HTTP/1.1
Server
101.100.210.150, Singapore, ASN58621 (VODIEN-AS-AP-LOC2 Vodien Internet Solutions Pte Ltd, SG)
Reverse DNS
ns79.webhostsg.com
Software
Apache / PHP/5.5.38
Resource Hash
cd183dc13f4ac86bbf6d70ed177dba4ed05ac996b9ed0931f4cb5ec608bd3711

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
gordian-capital.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:45:55 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.5.38
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
Content-Type
text/html
Keep-Alive
timeout=3, max=100
css | fonts.googleapis.com/ | 16 KB | 2 KB | Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
ESF /
Resource Hash
9d1f266360ae3e57cead3aad5342d449eec392e75526332eddcec7df5a20fc08
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 14 Dec 2017 02:45:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2017 02:45:55 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Thu, 14 Dec 2017 02:45:55 GMT
bootstrap.min.css | dl.dropboxusercontent.com/s/ba24iz7jtpd914d/ | 111 KB | 23 KB | Stylesheet
General
Full URL
https://dl.dropboxusercontent.com/s/ba24iz7jtpd914d/bootstrap.min.css
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
867260cfa78b4c143e607e3bcc5f0eb9eee754820caf6acca12c89a41c3aa13e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/ba24iz7jtpd914d/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:59 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
298
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=60
content-disposition
inline; filename="bootstrap.min.css"; filename*=UTF-8''bootstrap.min.css
set-cookie
uc_session=pHEJnc47ZNBB1oSWnxwrwh0jG5k0rU3rX4ATu9lvYkq4CGT0MYRhuPo7sEZeDLxT; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
af0cbf2519e958e885c28d134bb26f3e
font-awesome.min.css | dl.dropboxusercontent.com/s/oxuvsvzdx3ths53/ | 22 KB | 6 KB | Stylesheet
General
Full URL
https://dl.dropboxusercontent.com/s/oxuvsvzdx3ths53/font-awesome.min.css
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
79d8a4d3bf73c0fa4701a64dc76f67e29ea794b6075420d0b791b4c44f5b2a1d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/oxuvsvzdx3ths53/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
266
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=60
content-disposition
inline; filename="font-awesome.min.css"; filename*=UTF-8''font-awesome.min.css
set-cookie
uc_session=YFSY2XnaBpvH9sCz0EXYGXs3ldPenMjsQu0DH1HcMgJIKB6oJXkdo2iTEy8IW8gN; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
b7a5e4fd72e6f88a1d31e202b269b1dc
animate.min.css | dl.dropboxusercontent.com/s/d9wc0g9em7a7fsp/ | 74 KB | 6 KB | Stylesheet
General
Full URL
https://dl.dropboxusercontent.com/s/d9wc0g9em7a7fsp/animate.min.css
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
75bbda60e8320714f5ce9fa64311a8970d5e95e0b0c49c3c7aa7e8a7dc144ca2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/d9wc0g9em7a7fsp/animate.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
268
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=60
content-disposition
inline; filename="animate.min.css"; filename*=UTF-8''animate.min.css
set-cookie
uc_session=IwDn0n5d8B9qCNTVTOPkM0v2gKNVPz6CblLZxpBblZdZnZJxGroCAjzkR7ZZ5Frm; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
e36b8528e6a604509d5683ea876c1a01
style.css | dl.dropboxusercontent.com/s/hqh925rqs6ywabf/ | 25 KB | 5 KB | Stylesheet
General
Full URL
https://dl.dropboxusercontent.com/s/hqh925rqs6ywabf/style.css
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
00385d5f469a3a513569e72c31f5fd3f2624011dff825a73503617e502096656
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/hqh925rqs6ywabf/style.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
328
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=60
content-disposition
inline; filename="style.css"; filename*=UTF-8''style.css
set-cookie
uc_session=V91vd7AIbWIz2ZziH3AUQYxAJLleOas4uJZMIcZKlpePAYx5Lrc1mG8AYZmqobf4; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
12da74d49c243df21fe8b9130e4e1ac5
spinner.png | dl.dropboxusercontent.com/s/i2ga8oswwewk7nb/ | 20 KB | 20 KB | Image
General
Full URL
https://dl.dropboxusercontent.com/s/i2ga8oswwewk7nb/spinner.png
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
30968ca10d0c58d2e9b06a98e656d340fbb49a62463d5f2a952e960343cabe0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/i2ga8oswwewk7nb/spinner.png
pragma
no-cache
cookie
uc_session=9EUxYPZxutyi9m9tJ6fC5xvgLs0jFZfqmJm9Ypy61uENJYk6Hd2xja5N7yy0ZdyU
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:56 GMT
server
nginx
etag
12n
x-server-response-time
393
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
status
200
cache-control
max-age=60
content-disposition
inline; filename="spinner.png"; filename*=UTF-8''spinner.png
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex
content-length
20120
x-dropbox-request-id
66e8050c82782635206cedc92ee7c4de
6X0znN.png | i.hizliresim.com/ | 613 KB | 613 KB | Image
General
Full URL
https://i.hizliresim.com/6X0znN.png
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.134.128.173, France, ASN16276 (OVH, FR)
Reverse DNS
Software
nginx /
Resource Hash
38f21559aa80a812f2a5710477f60418bc7bfa85a06863447ca8d0392fdd650d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i.hizliresim.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 14 Dec 2017 02:45:59 GMT
Last-Modified
Sun, 20 Aug 2017 23:09:27 GMT
Server
nginx
ETag
"b34ef2c829ee84788c210e6ed2928856"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
628211
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js | dl.dropboxusercontent.com/s/vu2qmpcj94v40my/ | 94 KB | 38 KB | Script
General
Full URL
https://dl.dropboxusercontent.com/s/vu2qmpcj94v40my/jquery.min.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/vu2qmpcj94v40my/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
247
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
status
200
cache-control
max-age=60
content-disposition
inline; filename="jquery.min.js"; filename*=UTF-8''jquery.min.js
set-cookie
uc_session=uVR8Ue95OWjbV3LCVPmfjfez76ziVzo6AjxyHCGYZna1I79OB7PCvQEfnFqRl8sH; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
843af7ebeff8206faad91bd533411fbb
bootstrap.min.js | dl.dropboxusercontent.com/s/b6xpqabiq8zjf9j/ | 34 KB | 11 KB | Script
General
Full URL
https://dl.dropboxusercontent.com/s/b6xpqabiq8zjf9j/bootstrap.min.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
cea2998e1be4a6d7d6ceb58658e7c3025f20b96ef3c13966289ce15d18f24bb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/b6xpqabiq8zjf9j/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
356
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
status
200
cache-control
max-age=60
content-disposition
inline; filename="bootstrap.min.js"; filename*=UTF-8''bootstrap.min.js
set-cookie
uc_session=9EUxYPZxutyi9m9tJ6fC5xvgLs0jFZfqmJm9Ypy61uENJYk6Hd2xja5N7yy0ZdyU; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
3fa55342160e27699076a07e080a8ebc
jquery.cycle.min.js | dl.dropboxusercontent.com/s/h0u5x9uelu9bnzp/ | 24 KB | 8 KB | Script
General
Full URL
https://dl.dropboxusercontent.com/s/h0u5x9uelu9bnzp/jquery.cycle.min.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
4870ffa80c8d16ec580cf5701db0ba32bf9e53683dad81d313ee578ed7fae6d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/h0u5x9uelu9bnzp/jquery.cycle.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
288
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
status
200
cache-control
max-age=60
content-disposition
inline; filename="jquery.cycle.min.js"; filename*=UTF-8''jquery.cycle.min.js
set-cookie
uc_session=T4hP6jQxd0eTGU5GAZEoIYIvK54GUALEEvUMDCXYRPdeMYqD8gD42A77uI0ZYfa5; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
41ddf9337e7e0bd614986f9d2e55aaee
jquery.parallax.min.js | dl.dropboxusercontent.com/s/vunlv368z9nvnxn/ | 9 KB | 3 KB | Script
General
Full URL
https://dl.dropboxusercontent.com/s/vunlv368z9nvnxn/jquery.parallax.min.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
e2ee16a9107d901265ddfaba36f46ecaf49c620e0101388be929aa8756c9075b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/vunlv368z9nvnxn/jquery.parallax.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
267
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
status
200
cache-control
max-age=60
content-disposition
inline; filename="jquery.parallax.min.js"; filename*=UTF-8''jquery.parallax.min.js
set-cookie
uc_session=bLut9BdTepNa7N40ijemoXbm7siWRwszPFqhgmhKDPTucFGa07NkOzELObUNrp8x; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
c0add95511682166b18f68323302fc26
jquery.backstretch.min.js | dl.dropboxusercontent.com/s/qmbb4f1yecbhbds/ | 4 KB | 2 KB | Script
General
Full URL
https://dl.dropboxusercontent.com/s/qmbb4f1yecbhbds/jquery.backstretch.min.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
7e9631fb09c3f7a27a1a1f7b017c5e19ac006cafa1204626fb033d89f970812c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/qmbb4f1yecbhbds/jquery.backstretch.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
http://gordian-capital.com/
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:45:55 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-server-response-time
259
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript
status
200
cache-control
max-age=60
content-disposition
inline; filename="jquery.backstretch.min.js"; filename*=UTF-8''jquery.backstretch.min.js
set-cookie
uc_session=JD5g0GayDIUVamLuSVgsenAemIup1zz0jOnjJmovmsuqeAWXp2HKeVVzWH6fnAWE; Domain=dropboxusercontent.com; httponly; Path=/; secure
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
0b987cd573105535160b96e68aa6f8f9
dakliz.js | yourjavascript.com/77120445117/ | 18 KB | 18 KB | Script
General
Full URL
http://yourjavascript.com/77120445117/dakliz.js
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
80.241.212.33, Germany, ASN51167 (CONTABO to AS1299 announce AS34933, DE)
Reverse DNS
vmi103640.contabo.host
Software
nginx /
Resource Hash
bffdf355c5c0318452362fe62b83bd6d81e134681d40f4d2602b7d3af27afacc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
yourjavascript.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Cache-Control
max-age=315360000 public
Server
nginx
Connection
keep-alive
Content-Type
text/javascript; charset: UTF-8
Transfer-Encoding
chunked
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css | fonts.googleapis.com/ | 397 B | 286 B | Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Iceland
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
ESF /
Resource Hash
366e54fa41571d6aa6c25b306108ca3a4251f924b0fcd9c8d02c7958ed549369
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
fonts.googleapis.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 14 Dec 2017 02:45:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2017 02:45:55 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Thu, 14 Dec 2017 02:45:55 GMT
style.css | dl.dropboxusercontent.com/s/hqh925rqs6ywabf/ | 25 KB | 5 KB | Image
General
Full URL
https://dl.dropboxusercontent.com/s/hqh925rqs6ywabf/style.css
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:100:6022:6::a27d:4206, United States, ASN19679 (DROPBOX - Dropbox, Inc., US)
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/s/hqh925rqs6ywabf/style.css
pragma
no-cache
cookie
uc_session=pHEJnc47ZNBB1oSWnxwrwh0jG5k0rU3rX4ATu9lvYkq4CGT0MYRhuPo7sEZeDLxT
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
dl.dropboxusercontent.com
referer
https://dl.dropboxusercontent.com/s/hqh925rqs6ywabf/style.css
:scheme
https
:method
GET

Response headers

pragma
public
date
Thu, 14 Dec 2017 02:46:00 GMT
content-encoding
gzip
server
nginx
x-server-response-time
826
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=60
content-disposition
inline; filename="style.css"; filename*=UTF-8''style.css
strict-transport-security
max-age=15552000; includeSubDomains
x-robots-tag
noindex, nofollow, noimageindex
x-dropbox-request-id
19432e7a7370e45853091c4b20db8195
MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2 | fonts.gstatic.com/s/opensans/v15/ | 9 KB | 9 KB | Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://gordian-capital.com
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 07 Dec 2017 20:41:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:47 GMT
Server
sffe
Age
540267
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
8916
X-XSS-Protection
1; mode=block
Expires
Fri, 07 Dec 2018 20:41:32 GMT
MTP_ySUJH_bn48VBG8sNSojoYw3YTyktCCer_ilOlhE.woff2 | fonts.gstatic.com/s/opensans/v15/ | 7 KB | 7 KB | Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSojoYw3YTyktCCer_ilOlhE.woff2
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
2fb940b87ed9001f6562d79e7121997ea213f0fb27073348dcf30c51285d7c3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://gordian-capital.com
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 09 Dec 2017 16:44:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:52 GMT
Server
sffe
Age
381689
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7240
X-XSS-Protection
1; mode=block
Expires
Sun, 09 Dec 2018 16:44:30 GMT
QAUlVt1jXOgQavlW5wEfxQLUuEpTyoUstqEm5AMlJo4.woff2
fonts.gstatic.com/s/raleway/v12/
13 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/raleway/v12/QAUlVt1jXOgQavlW5wEfxQLUuEpTyoUstqEm5AMlJo4.woff2
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1c21dd409e977f176ae963b5510fbdd57669e9861fff9f5d9a46b6fc73f430fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://gordian-capital.com
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Origin
http://gordian-capital.com

Response headers

Date
Sat, 09 Dec 2017 16:52:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 18:25:44 GMT
Server
sffe
Age
381226
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13160
X-XSS-Protection
1; mode=block
Expires
Sun, 09 Dec 2018 16:52:13 GMT
/
gordian-capital.com/
17 KB
1 KB
Image
General
Full URL
http://gordian-capital.com/
Requested by
Host: dl.dropboxusercontent.com
URL: https://dl.dropboxusercontent.com/s/vu2qmpcj94v40my/jquery.min.js
Protocol
HTTP/1.1
Server
101.100.210.150 , Singapore, ASN58621 (VODIEN-AS-AP-LOC2 Vodien Internet Solutions Pte Ltd, SG),
Reverse DNS
ns79.webhostsg.com
Software
Apache / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gordian-capital.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.5.38
Vary
Accept-Encoding
Upgrade
h2
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
Content-Type
text/html
Keep-Alive
timeout=3, max=100
cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Requested by
Host: dl.dropboxusercontent.com
URL: https://dl.dropboxusercontent.com/s/vu2qmpcj94v40my/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
http://gordian-capital.com
Accept-Encoding
gzip, deflate
Host
fonts.gstatic.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800
Origin
http://gordian-capital.com

Response headers

Date
Sat, 09 Dec 2017 17:02:01 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Oct 2017 21:49:46 GMT
Server
sffe
Age
380639
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
8892
X-XSS-Protection
1; mode=block
Expires
Sun, 09 Dec 2018 17:02:01 GMT
gorev_1.jpg
s11.postimg.org/otyobwrr7/
Redirect Chain
  • https://s11.postimg.io/otyobwrr7/gorev_1.jpg
  • https://s11.postimg.org/otyobwrr7/gorev_1.jpg
192 KB
192 KB
Image
General
Full URL
https://s11.postimg.org/otyobwrr7/gorev_1.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
873039ac2d67faaec28b667b267560e98ea08652e4682a22732c2f78a7162bfd

Request headers

:path
/otyobwrr7/gorev_1.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
s11.postimg.org
referer
http://gordian-capital.com/
:scheme
https
:method
GET
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 02:46:00 GMT
last-modified
Tue, 24 Jan 2017 05:24:13 GMT
server
nginx
etag
"5886e4fd-2fed9"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate
accept-ranges
bytes
content-length
196313
x-proxy-cache
HIT

Redirect headers

status
301
date
Thu, 14 Dec 2017 02:46:00 GMT
server
nginx
content-length
178
location
https://s11.postimg.org/otyobwrr7/gorev_1.jpg
content-type
text/html
kafkas_calisma_2.jpg
s21.postimg.org/3pe10rkpz/
Redirect Chain
  • https://s21.postimg.io/3pe10rkpz/kafkas_calisma_2.jpg
  • https://s21.postimg.org/3pe10rkpz/kafkas_calisma_2.jpg
205 KB
205 KB
Image
General
Full URL
https://s21.postimg.org/3pe10rkpz/kafkas_calisma_2.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
ab46f9c32344125e8afffe1d2b7e4b1ff065a6e7b271088885ede4997aae5337

Request headers

:path
/3pe10rkpz/kafkas_calisma_2.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
s21.postimg.org
referer
http://gordian-capital.com/
:scheme
https
:method
GET
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 02:46:00 GMT
last-modified
Mon, 05 Sep 2016 13:55:18 GMT
server
nginx
etag
"57cd7946-334d6"
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate
accept-ranges
bytes
content-length
210134
x-proxy-cache
HIT

Redirect headers

status
301
date
Thu, 14 Dec 2017 02:46:00 GMT
server
nginx
content-length
178
location
https://s21.postimg.org/3pe10rkpz/kafkas_calisma_2.jpg
content-type
text/html
suriyeharekat_i.jpg
s19.postimg.org/i9fq6ehgj/
125 KB
125 KB
Image
General
Full URL
https://s19.postimg.org/i9fq6ehgj/suriyeharekat_i.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2603ba54716189c4701bc44bfe676e8e81474f66a321d40afcad4d0e25151eab

Request headers

:path
/i9fq6ehgj/suriyeharekat_i.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
s19.postimg.org
referer
http://gordian-capital.com/
:scheme
https
:method
GET
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 02:46:00 GMT
server
nginx
status
200
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
content-length
127878
x-proxy-cache
HIT
gqQBdQ.jpg
i.hizliresim.com/
393 KB
393 KB
Image
General
Full URL
https://i.hizliresim.com/gqQBdQ.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.134.128.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
f837247bbd2b5e66edebfce7763cdac23c1c818d1e3c33cad9ee39ed106aa6fb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i.hizliresim.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Last-Modified
Thu, 11 May 2017 17:19:01 GMT
Server
nginx
X-SadeCdn-Shield
sbg1.edge
ETag
"f4444bbb0032317ad0780a9aac2ad9bb"
X-SadeCdn-Shield-Status
MISS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
402802
Expires
Thu, 31 Dec 2037 23:55:55 GMT
W0OYPm.jpg
i.hizliresim.com/
506 KB
506 KB
Image
General
Full URL
https://i.hizliresim.com/W0OYPm.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.134.128.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
65c55db08034a295020bbd21df049e4383d2a5527e0f027d62628dbe2082a10b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i.hizliresim.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Last-Modified
Sun, 07 May 2017 17:09:04 GMT
Server
nginx
X-SadeCdn-Shield
sbg1.edge
ETag
"eb8426418622ea02e9a416d7ba02aaf0"
X-SadeCdn-Shield-Status
MISS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
518163
Expires
Thu, 31 Dec 2037 23:55:55 GMT
p0prmo.jpg
i.hizliresim.com/
552 KB
552 KB
Image
General
Full URL
https://i.hizliresim.com/p0prmo.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.134.128.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6b042186cc879c13ca7fc495836a4b7891b17a495e3710a6bc6c93810849427d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i.hizliresim.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Last-Modified
Sat, 06 May 2017 19:24:30 GMT
Server
nginx
X-SadeCdn-Shield
sbg1.edge
ETag
"1fdde62943fa8116ccf67b91961dfc37"
X-SadeCdn-Shield-Status
HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
565104
Expires
Thu, 31 Dec 2037 23:55:55 GMT
4GpqO7.jpg
i.hizliresim.com/
67 KB
67 KB
Image
General
Full URL
https://i.hizliresim.com/4GpqO7.jpg
Requested by
Host: gordian-capital.com
URL: http://gordian-capital.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.134.128.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
995e2b4c6953e130544b9079520ecb1609fdbd3bcaced175cc4e7fa5ff64ddbf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i.hizliresim.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://gordian-capital.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://gordian-capital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 02:46:00 GMT
Last-Modified
Sun, 05 Nov 2017 23:13:07 GMT
Server
nginx
ETag
"9eba9a09d60fb43b6f6537918250da5f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
68624
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | onafterprint
object | onbeforeprint
function | disableselect
function | reEnable
function | $
function | jQuery
object | jQuery1111021181921923303948
object | shortcut
string | left
string | right
string | msg
number | speed
function | scroll_title
function | TypingText
object | config
function | createStars
function | setCanvas
function | setContext
function | loop
function | bind
function | init

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: YSC
Value: riMzTz6YuLY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Zd4xrSvMoL4

1 Console Messages

Source | Level | URL | Text
console-api | log | https://dl.dropboxusercontent.com/s/h0u5x9uelu9bnzp/jquery.cycle.min.js (Line 6) | [cycle2] --c2 init--

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.dropboxusercontent.com
fonts.googleapis.com
fonts.gstatic.com
gordian-capital.com
i.hizliresim.com
s11.postimg.io
s11.postimg.org
s19.postimg.org
s21.postimg.io
s21.postimg.org
yourjavascript.com
101.100.210.150
213.174.135.1
2620:100:6022:6::a27d:4206
2a00:1450:4001:815::2003
2a00:1450:4001:815::200a
46.229.166.177
80.241.212.33
91.134.128.173